PDA

Ver la versión completa : local kernel vulnerabilities



TseTse
24-11-2002, 15:46
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory November 22, 2002 |
| http://www.engardelinux.org/ ESA-20021122-030 |
| |
| Package: kernel |
| Summary: local vulnerabilities. |
+------------------------------------------------------------------------+

EnGarde Secure Linux is a secure distribution of Linux that features
improved access control, host and network intrusion detection, Web
based secure remote management, e-commerce, and integrated open source
security tools.

OVERVIEW
- --------
Solar Designer kindly pointed out to us that our last kernel update
(ESA-20021022-026) was incomplete because 2.2.22-rc1 did not contain
all the critical security fixes. This update backports the remaining
fixes.

This update also fixes a denial of service attack where a local user
could lock the machine.

All users are recommended to upgrade immediately using the special
SOLUTION in this advisory.

SOLUTION
- --------
Users of the EnGarde Professional edition can use the Guardian Digital
Secure Network to update their systems automatically.

EnGarde Community users should upgrade to the most recent version
as outlined in this advisory. Updates may be obtained from:

ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
http://ftp.engardelinux.org/pub/engarde/stable/updates/

Please read and understand this entire section before you attempt to
upgrade the kernel.

Initial Steps
-------------
1) Verify the machine is either:

a) booted into a "standard" kernel; or
b) LIDS is disabled (/sbin/lidsadm -S -- -LIDS_GLOBAL)

2) Determine which kernels you currently have installed:

# rpm -qa --qf "%{NAME}\n" | grep kernel

3) Download the new kernels that match what you have installed
(based on step 2) from the "UPDATED PACKAGES" section of this
advisory.

Installation Steps
------------------
4) Install the new packages. The packages will automagically
update /etc/lilo.conf by commenting out any old EnGarde images
and replacing them with the new ones:

# rpm --replacefiles -i <kernel 1> <kernel 2> ...

5) Re-run LILO. If you see any errors then open /etc/lilo.conf in
your favorite text editor and make the appropriate changes:

# /sbin/lilo

Final Steps
-----------
6) If you did not see any LILO errors then your new kernel is now
installed and your machine is ready to be rebooted:

# reboot

UPDATED PACKAGES
- ----------------
These updated packages are for EnGarde Secure Linux Community
Edition.

Source Packages:

SRPMS/kernel-2.2.19-1.0.29.src.rpm
MD5 Sum: 9b4826ca5257cf76f4cc80b7d2b8f970

Binary Packages:

i386/kernel-2.2.19-1.0.29.i386.rpm
MD5 Sum: d7832ded322e444b1754aab6aa3369ae

i386/kernel-lids-mods-2.2.19-1.0.29.i386.rpm
MD5 Sum: 711f92dde4726474c526766e8be18be4

i386/kernel-smp-lids-mods-2.2.19-1.0.29.i386.rpm
MD5 Sum: 4c8524458b94d65a5df1401707a59355

i386/kernel-smp-mods-2.2.19-1.0.29.i386.rpm
MD5 Sum: 5b3df58bf41b98451f20700d25107b3d

i686/kernel-2.2.19-1.0.29.i686.rpm
MD5 Sum: ff4b48ed55eff840324f9ef27db0c21d

i686/kernel-lids-mods-2.2.19-1.0.29.i686.rpm
MD5 Sum: e6cc2cd48bca65ff29ba82bd82a926d1

i686/kernel-smp-lids-mods-2.2.19-1.0.29.i686.rpm
MD5 Sum: f39a8f68e1dedcd4e2ebf21b11a7a78f

i686/kernel-smp-mods-2.2.19-1.0.29.i686.rpm
MD5 Sum: d217eabb58429da7cebd9e07a0d29daa

REFERENCES
- ----------
Guardian Digital's public key:
http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY

Official Web Site of the Linux Kernel:
http://www.kernel.org/

Security Contact: security@guardiandigital.com
EnGarde Advisories: http://www.engardelinux.org/advisories.html

- --------------------------------------------------------------------------
$Id: ESA-20021122-030-kernel,v 1.3 2002/11/22 15:16:04 rwm Exp $
- --------------------------------------------------------------------------
Author: Ryan W. Maple <ryan@guardiandigital.com>
Copyright 2002, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE93kwZHD5cqd57fu0RAr8FAJoDjfno6prsRaabUPSzHZ Vtqom/DQCaA9Vt
aDnfQHqzYsy+CK/AUwDpfz0=
=+4my
-----END PGP SIGNATURE-----